WordPress BBPress plugin version 2.5 suffers from an unauthenticated privilege escalation vulnerability.
721ba0e3478ef95b7a328c53b4993c0adc41d6f9a6ebe6837319e50d98f45d75Apple Security Advisory 2020-05-26-4 - tvOS 13.4.5 addresses code execution, cross site scripting, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
56756c475b2db5ca4e461c12f83e7a9e603128c2351ec2fd18890f6185253754Apple Security Advisory 2020-05-26-11 - Windows Migration Assistant 2.2.0.0 (v. 1A11) is now available and addresses a code execution vulnerability.
2844283de9e565445f79120159bebc35949ae0381b2da4a7abb2c6e9bd66b28cApple Security Advisory 2020-05-26-10 - iCloud for Windows 7.19 is now available and addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.
62db8b0b76c4b9282432d70396fd37bb8568c629f4d9e8835ed1b611ab0d95bbApple Security Advisory 2020-05-26-9 - iCloud for Windows 11.2 is now available and addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.
100cbea4dc7f344692f604cbe8dfab29c51a9e753f7d0e6e5204c16baf6f0880Apple Security Advisory 2020-05-26-5 - watchOS 6.2.5 addresses code execution, cross site scripting, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
2a3498bed642fb25a35b285cbccdfdfb4b489e582424bec1bb96cb1b19041e61Apple Security Advisory 2020-05-26-8 - iTunes 12.10.7 for Windows addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.
b54c3b2604ae9bd59edb7cbd324ad1bc43d253eca37d86dbc127855a7ba085f2Apple Security Advisory 2020-05-26-3 - macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address bypass, code execution, denial of service, double free, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
e548dbe3bc45349923003f3bd1e0ad372863e5efd1c4433b30594bf80a645be4Apple Security Advisory 2020-05-26-7 - Safari 13.1.1 is now available and addresses code execution and cross site scripting vulnerabilities.
8b7dce5d32dceb835cd62c85f176c7a87bd99a3dbad33629c6c8dd27534b2540Apple Security Advisory 2020-05-26-6 - watchOS 5.3.7 addresses a memory corruption vulnerability.
e65dba406f7d8518f1a05c7ce9ea5e72aca13fc63ac0c877fa3d39db3dab9f43Apple Security Advisory 2020-05-26-1 - iOS 13.5 and iPadOS 13.5 address bypass, code execution, cross site scripting, denial of service, double free, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
c0c5b060812bd316b274c589d529f7340c15548e77bf81b29d18618cd79bfb74Apple Security Advisory 2020-05-26-2 - iOS 12.4.7 addresses an out of bounds write vulnerability.
25db04f26f48b4ba1f92482b9041ca6d7f62441ba8497a88e48505ea92305c77Ubuntu Security Notice 4367-2 - USN-4367-1 fixed vulnerabilities in the 5.4 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service. Various other issues were also addressed.
5e42002b4d2ecabf6a6cfa168d989279420dab6dbea6fcbbc0c07e9f5d7946b9Ubuntu Security Notice 4369-2 - USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service. Various other issues were also addressed.
f8da9cd441c6d1901bb239518cb0e0af3d90d2be5c17ffa81da275fed60bf480Ubuntu Security Notice 4359-2 - USN-4359-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that APT incorrectly handled certain filenames during package installation. If an attacker could provide a specially crafted package to be installed by the system administrator, this could cause APT to crash. Various other issues were also addressed.
d2237b38c62fa2201ddc711ec23e9be63e8076e5ad1bd20e78441a7d9b9bc406Crystal Shard http-protection version 0.2.0 suffers from an IP spoofing bypass vulnerability.
5541826f04a3a19d5af667dd573923bfd3ca06a9c8ea0aac07e7a6742fd3ff60WordPress Multi-Scheduler plugin version 1.0.0 suffers from a cross site request forgery vulnerability.
99dbc846378685b2323c34771392c6ef834d8a9183459926257b3a17519139d8Various PanaceaSoft products appear to suffer from a shell upload vulnerability.
e7ff3b66bb7350d5b9bc20efd9077e3228ee400411b82793b4fee4a799111543Red Hat Security Advisory 2020-2337-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a password leak vulnerability.
d97960039ea897209f7073d1df3f547cead0b07aa28946f6737a56f52c083fceRed Hat Security Advisory 2020-2336-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include integer overflow and out of bounds write vulnerabilities.
a97d0758a99b8e81309670874f63e5ae377f59755cb22c023da972d8e2578f73Red Hat Security Advisory 2020-2338-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
e6a2c73a2a4b38c1487faacabaaebda854a4acb40e748164c0484aced16dfe20Red Hat Security Advisory 2020-2335-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include integer overflow and out of bounds write vulnerabilities.
95bfbc66511ee33ff88995e888012f41cd17e1549e2fbb074f8ced41bb5c2a2cRed Hat Security Advisory 2020-2334-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include integer overflow and out of bounds write vulnerabilities.
e6eb51a86aae787edc8b9e31f50b2a7226ca764a53f6a55c29725b4c919f7a95Debian Linux Security Advisory 4672-1 - Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service or request smuggling attacks.
660939fa86daf06b26ab50e4af0902ea74ef786a1e05e439262de385213123e4Debian Linux Security Advisory 4673-1 - Several vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling and code execution in the AJP connector (disabled by default in Debian).
ba3d584d4fdc2ced4b9b9288a441018d4480428ec0d74e435018d2230c3f1349
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed